WS-2017-0130
Published:May 14, 2026
Updated:May 14, 2026
Affected versions of the knockout package are vulnerable to Cross-site Scripting (XSS).
Affected Packages
knockout (CDN_JS):
Affected version(s) >=2.2.0 <3.0.0Fix Suggestion:
Update to version 3.0.0seqan-library (CONDA):
Affected version(s) =2.4.0Fix Suggestion:
Update to version no_fixseqan (CONDA):
Affected version(s) >=2.1.1 <=2.4.0Fix Suggestion:
Update to version no_fixknockout (NPM):
Affected version(s) >=2.1.0-pre <3.0.0Fix Suggestion:
Update to version 3.0.0hpoc (NUGET):
Affected version(s) =1.0.0Fix Suggestion:
Update to version no_fixcucumberjs-specrunner (NUGET):
Affected version(s) =1.0.0Fix Suggestion:
Update to version no_fixumbracocms (NUGET):
Affected version(s) >=6.1.0-beta <6.1.2Fix Suggestion:
Update to version 6.1.2webproject (NUGET):
Affected version(s) >=1.0.0 <=1.5.0Fix Suggestion:
Update to version no_fixsefdataservice (NUGET):
Affected version(s) =1.1.0.1Fix Suggestion:
Update to version no_fixlind.ddd.manager (NUGET):
Affected version(s) >=1.0.0 <=2.1.1Fix Suggestion:
Update to version no_fixap.web (NUGET):
Affected version(s) =1.0.0Fix Suggestion:
Update to version no_fixcaregiverpoc (NUGET):
Affected version(s) =1.0.0Fix Suggestion:
Update to version no_fixopenwaves.episerver.tagsproperty (NUGET):
Affected version(s) >=1.0.87.225 <=2.0.87.818Fix Suggestion:
Update to version no_fixknockoutjs (NUGET):
Affected version(s) >=2.2.1 <3.0.0Fix Suggestion:
Update to version 3.0.0sp.orchard (NUGET):
Affected version(s) =1.7.1Fix Suggestion:
Update to version no_fixnewhottowel (NUGET):
Affected version(s) >=1.0.0 <=4.0.0Fix Suggestion:
Update to version no_fixlind.ddd.newmanager (NUGET):
Affected version(s) >=1.0.0 <=1.0.3Fix Suggestion:
Update to version no_fixsaltarelle.knockout (NUGET):
Affected version(s) >=1.4.0 <1.6.3Fix Suggestion:
Update to version 1.6.3bizagimodelertest (NUGET):
Affected version(s) =3.3.1.118Fix Suggestion:
Update to version no_fixsfs-shell-web-mvc-compiled (NUGET):
Affected version(s) =1.0.0 <1.0.0.51Fix Suggestion:
Update to version 1.0.0.51jqwidgets_framework (NUGET):
Affected version(s) >=6.1.0 <8.0.0Fix Suggestion:
Update to version 8.0.0mvcmusicstore (NUGET):
Affected version(s) =1.0.0Fix Suggestion:
Update to version no_fixeasyfurion (NUGET):
Affected version(s) >=1.0.0 <=1.0.1Fix Suggestion:
Update to version no_fixumbracocms (NUGET):
Affected version(s) >=6.0.0-rc <6.0.7Fix Suggestion:
Update to version 6.0.7mvcforum (NUGET):
Affected version(s) >=0.8.5.1 <=1.5.1.18Fix Suggestion:
Update to version no_fixbreeze.mvc4webapiclientsample (NUGET):
Affected version(s) >=0.73.1 <=0.84.4Fix Suggestion:
Update to version no_fixxsockets.sample.stockticker (NUGET):
Affected version(s) >=0.1.0 <=0.5.8Fix Suggestion:
Update to version no_fixproject.commonbackground (NUGET):
Affected version(s) >=1.0.2 <=1.0.5Fix Suggestion:
Update to version no_fixbreeze.webapisample (NUGET):
Affected version(s) >=0.85.1 <1.1.3Fix Suggestion:
Update to version 1.1.3zephyr.web (NUGET):
Affected version(s) >=1.0.0 <=2.0.0.1Fix Suggestion:
Update to version no_fixlearnhtml5 (NUGET):
Affected version(s) =1.0.0Fix Suggestion:
Update to version no_fixknockout.mvc (NUGET):
Affected version(s) =0.5.1Fix Suggestion:
Update to version no_fixpoc (NUGET):
Affected version(s) =1.0.0Fix Suggestion:
Update to version no_fixcaregiverdomain (NUGET):
Affected version(s) =1.0.0Fix Suggestion:
Update to version no_fixxsockets.tutorials (NUGET):
Affected version(s) >=0.6.0 <=0.9.2Fix Suggestion:
Update to version no_fixmymvc4wejdemo (NUGET):
Affected version(s) =1.0.1Fix Suggestion:
Update to version no_fixjqwidgets_framework (NUGET):
Affected version(s) >=4.5.0 <6.0.6Fix Suggestion:
Update to version 6.0.6goicuavinh (NUGET):
Affected version(s) =1.0.2Fix Suggestion:
Update to version no_fixdcb (NUGET):
Affected version(s) =1.0.0Fix Suggestion:
Update to version no_fixabao-mypackage (NUGET):
Affected version(s) =1.0.3Fix Suggestion:
Update to version no_fixmaoyuanmvckendojslib (NUGET):
Affected version(s) =1.0.1Fix Suggestion:
Update to version no_fixoctopus (NUGET):
Affected version(s) =1.0.0.1Fix Suggestion:
Update to version no_fixbizagimodeler (NUGET):
Affected version(s) >=3.3.1.203 <=3.3.1.205-bFix Suggestion:
Update to version no_fixcomposite.windowsazure.management (NUGET):
Affected version(s) =1.0.0-alpha1310230159Fix Suggestion:
Update to version no_fixefficentdurandalframework (NUGET):
Affected version(s) =1.0.0Fix Suggestion:
Update to version no_fixknockoutjs (NUGET):
Affected version(s) =2.1.0 <2.2.0Fix Suggestion:
Update to version 2.2.0umbracocms (NUGET):
Affected version(s) >=4.9.0 <4.11.10Fix Suggestion:
Update to version 4.11.10xsockets.sample.webrtc (NUGET):
Affected version(s) >=0.1.0 <0.7.1Fix Suggestion:
Update to version 0.7.1umbracocms (NUGET):
Affected version(s) =6.2.6 <7.0.0-RCFix Suggestion:
Update to version 7.0.0-RCproofofconcept (NUGET):
Affected version(s) =1.0.0Fix Suggestion:
Update to version no_fixknockout-bootstrap (NUGET):
Affected version(s) =0.2.1Fix Suggestion:
Update to version no_fixhumana (NUGET):
Affected version(s) =1.0.0Fix Suggestion:
Update to version no_fixcarsystem (NUGET):
Affected version(s) >=1.0.0 <2.0.1-alphaFix Suggestion:
Update to version 2.0.1-alphashared.test.package (NUGET):
Affected version(s) >=1.0.0 <1.0.3Fix Suggestion:
Update to version 1.0.3openwaves.episerver.brightcovevideocloudproperty (NUGET):
Affected version(s) >=1.0.86.606 <=1.0.88.873Fix Suggestion:
Update to version no_fixpscheit/psc-cms-js (PHP):
Affected version(s) >=dev-cojoko-transpile <dev-masterFix Suggestion:
Update to version dev-masternasermekky/fast-dashboard (PHP):
Affected version(s) =1.6.17 <1.6.18Fix Suggestion:
Update to version 1.6.18nasermekky/it (PHP):
Affected version(s) >=1.6.8 <=1.6.40Fix Suggestion:
Update to version no_fixhexmedia/knockout-bootstrap (PHP):
Affected version(s) =dev-masterFix Suggestion:
Update to version no_fixpscheit/psc-cms-js (PHP):
Affected version(s) =1.2.x-dev <1.2.1Fix Suggestion:
Update to version 1.2.1reginaldojunior/winners (PHP):
Affected version(s) =v0.1-beta <v0.1.1-betaFix Suggestion:
Update to version v0.1.1-betanasermekky/fastdashbord (PHP):
Affected version(s) >=1.6.8 <=1.6.31Fix Suggestion:
Update to version no_fixpscheit/psc-cms-js (PHP):
Affected version(s) >=1.3.0 <1.5.0-alphaFix Suggestion:
Update to version 1.5.0-alphamatidev/types (PHP):
Affected version(s) =2.3.5Fix Suggestion:
Update to version no_fixnasermekky/fastdashbord (PHP):
Affected version(s) =dev-master <1.0Fix Suggestion:
Update to version 1.0nasermekky/it (PHP):
Affected version(s) =dev-master <1.0Fix Suggestion:
Update to version 1.0phpanonymous/it (PHP):
Affected version(s) >=1.6.8 <=1.6.40Fix Suggestion:
Update to version no_fixfmccoy/a360-core (PHP):
Affected version(s) =dev-dev-master <dev-developFix Suggestion:
Update to version dev-developpscheit/psc-cms-js (PHP):
Affected version(s) =1.1.x-dev <1.1.1Fix Suggestion:
Update to version 1.1.1pscheit/serien-loader-client (PHP):
Affected version(s) >=dev-master <=1.0.3-alphaFix Suggestion:
Update to version no_fixmead_steve/behationary (PHP):
Affected version(s) =dev-masterFix Suggestion:
Update to version no_fixdev-temp/plugins (PHP):
Affected version(s) =dev-mainFix Suggestion:
Update to version no_fixmatidev/matiwp-types (PHP):
Affected version(s) =2.3.5Fix Suggestion:
Update to version no_fixnasermekky/fast-dashboard (PHP):
Affected version(s) =1.6.13 <1.6.14Fix Suggestion:
Update to version 1.6.14Related Resources (2)
Do you need more information?
Contact UsCVSS v4
Base Score:
7.1
Attack Vector
NETWORK
Attack Complexity
LOW
Attack Requirements
NONE
Privileges Required
NONE
User Interaction
PASSIVE
Vulnerable System Confidentiality
HIGH
Vulnerable System Integrity
NONE
Vulnerable System Availability
NONE
Subsequent System Confidentiality
NONE
Subsequent System Integrity
NONE
Subsequent System Availability
NONE
CVSS v3
Base Score:
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE